mirror of
https://github.com/go-gitea/gitea
synced 2024-12-23 17:14:27 +00:00
API should follow RequireSignInView (#8654)
This commit is contained in:
parent
bd7709a602
commit
3c63c3ace4
@ -862,7 +862,7 @@ func RegisterRoutes(m *macaron.Macaron) {
|
|||||||
m.Group("/topics", func() {
|
m.Group("/topics", func() {
|
||||||
m.Get("/search", repo.TopicSearch)
|
m.Get("/search", repo.TopicSearch)
|
||||||
})
|
})
|
||||||
}, securityHeaders(), context.APIContexter(), sudo())
|
}, securityHeaders(), reqTokenBySetting(), context.APIContexter(), sudo())
|
||||||
}
|
}
|
||||||
|
|
||||||
func securityHeaders() macaron.Handler {
|
func securityHeaders() macaron.Handler {
|
||||||
@ -874,3 +874,10 @@ func securityHeaders() macaron.Handler {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func reqTokenBySetting() macaron.Handler {
|
||||||
|
if setting.Service.RequireSignInView {
|
||||||
|
return reqToken()
|
||||||
|
}
|
||||||
|
return func(ctx *macaron.Context) {}
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user